 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| l |
TWO Networks
(HOST GROUPS), Home and Remote
|
|
|
|
• |
HOME-SG
(172.16.1.1
|
|
|
|
– |
Security Gateway
for CryptoConsole (172.16.1.1)
|
|
|
|
– |
The Certificate
Authority operates on HOME-SG
|
|
|
|
– |
CryptoConsole is
Telnet-connected to HOME-SG
|
|
|
|
• |
REMOTE-SG
|
|
|
|
– |
Security Gateway
for remote LAN
|
|
|
|
– |
CryptoConsole is
serially connected to REMOTE-SG
|
|
|
| l |
HOME-SG and
REMOTE-SG Common Properties:
|
|
|
|
• |
TRAFFIC FILTER:
Use IPsec encryption & integrity for all traffic
|
|
|
|
• |
Keying Method:
IKE using Digital Certificates
|
|
|
|
• |
Crypto: SHA-1 for
integrity, 3DES for encryption
|
|
|
|
• |
Digital
Certificates issued from HOME-SG installed on both SG’s
|
